[GRLUG] Coyote Linux Personal Firewall
Michael Mol
mikemol at gmail.com
Fri Jan 2 16:36:38 EST 2009
On Fri, Jan 2, 2009 at 4:30 PM, Bob Kline <bob.kline at gmail.com> wrote:
>
>
> On Fri, Jan 2, 2009 at 2:49 PM, Michael Mol <mikemol at gmail.com> wrote:
>>
>> On Fri, Jan 2, 2009 at 2:44 PM, Joshua Burns <jdburnz at gmail.com> wrote:
>> > unfortunately not, it's a pretty straight boot...
>>
>> Then my next approach would be to boot of a live CD, change the root
>> password on the live CD, and copy the encrypted password from the
>> liveCD's /etc/shadow to the machine's /etc/shadow and /etc/shadow- .
>> I've done this a few times, though it might not work if the two
>> distros use a different salt for the password hash. (Though, honestly,
>> I've never encountered that barrier.)
>
> This describes a pretty nifty way to break
> in to a PC. The ability to use a live CD or DVD
> to rearrange passwords, and otherwise modify
> the Linux OS (windoz too? ) seems like a ready
> made master key.
>
> I've had occasion to use a live CD to provide
> root access to my own PC, and wondered then
> why I couldn't just do this to any machine
> running Linux.
>
> Other than to, say, change the boot sequence,
> and eliminate booting from anything other
> than the hard drive, to prevent someone from
> booting a live CD, what are some ways to prevent
> this?
I don't know how, but if you could change the salt used to computer
the encrypted password, then the replaced passwords wouldn't work,
downgrading a control situation into a DOS.
--
:wq
More information about the grlug
mailing list